your account is compromised
DO NOT TRADE
If you have access to the account

Steps to take NOW:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)


Please review how you are logging into Steam, you somehow gave them your log in information. This could of been due to the computer being compromised and redirecting to a fake login, or you using a 3rd party site to login to steam.

steam guard is an extra layer of security, it does nothing if you give away the log in

Steam Guard is not a magical make your account immune to compromise. It's just an extra key. It you give that key to a stranger, along with your username and password that stranger will have access to your account. It's no different to giving your house keys to a stranger.

Do ALL the steps in post #1 to secure the account then STOP using dodgy sites.

If you insist on using third party sites do it the safe way

1. Open Web browser
2. Login on Steams Official page
3. Visit Third party site
4. Look for and use the one click login button
5. If 4 doesn't work and you're asked for you username, password and Guard code your on a phishing site. LEAVE and DO NOT use again

Can also use sites like scamadviser.com to check how trustworthy a site is before using it. Works for any site not just Steam related. Use it whenever entering login credentials or banking data

Honestly I entered through Official Steam Website and not by any unknown site. Plus, I didn't share my id to anyone. And from deautorizing did not found any new devices connected to this account at all.

Originally posted by Shady Nefarius:

Honestly I entered through Official Steam Website and not by any unknown site. Plus, I didn't share my id to anyone. And from deautorizing did not found any new devices connected to this account at all.

No site you knew of. Phishing, Like any form of deception, relies on the victim not knowing they're being lied to.

Originally posted by Shady Nefarius:

Honestly I entered through Official Steam Website and not by any unknown site. Plus, I didn't share my id to anyone. And from deautorizing did not found any new devices connected to this account at all.

Was your computer running while it happened?
Then it might be infected.

Otherwise you needed to leak details for someone to get in. They could not enter accounts when there was only password, so they especially can not do that today.

Originally posted by Muppet among Puppets:

Originally posted by Shady Nefarius:

Honestly I entered through Official Steam Website and not by any unknown site. Plus, I didn't share my id to anyone. And from deautorizing did not found any new devices connected to this account at all.

Was your computer running while it happened?
Then it might be infected.

Otherwise you needed to leak details for someone to get in. They could not enter accounts when there was only password, so they especially can not do that today.

Nope. I was sleeping that time.

Originally posted by Shady Nefarius:

Originally posted by Muppet among Puppets:

Was your computer running while it happened?
Then it might be infected.

Otherwise you needed to leak details for someone to get in. They could not enter accounts when there was only password, so they especially can not do that today.

Nope. I was sleeping that time.

Scammers FIRST get into your account and THEN have their way with it. Those two steps don't have to happen simultaneously. Actually, there known cases of scammers waitng weeks to cash in.

There is no way to bypass Steam guard unless the user himself enters the 2FA pin along with his login details on third party Non-Valve sites, whatever they are.
Here's how Steam Guard was bypassed, to enter a user's account you need the login 2FA pin.

Originally posted by Shady Nefarius:

I am so confused why Steam Guard didn't do the job to prevent any intruders to enter through the account.

Your sentiment is a common one, it seems people have some misconceptions what Steam Guard is, how it protects the account and have some mismanaged expectations.

Steam Guard is a lock. But it doesn't matter how good the lock is, if you, the user, leaves the door open.

The reality is if you can be tricked into handing over your username and password via phishing, also asking for the Steam Guard code isn't some great trick. The big weakness for most account security schemes is ultimately they rely on the big sack of electric meat to not sabotage the security. And that's not something big sacks of electric meat and proven to be terribly good at.

And other sacks of electric meat are good at exploiting that flaw.

Originally posted by Supafly:

Steam Guard is not a magical make your account immune to compromise. It's just an extra key. It you give that key to a stranger, along with your username and password that stranger will have access to your account. It's no different to giving your house keys to a stranger.

Do ALL the steps in post #1 to secure the account then STOP using dodgy sites.

If you insist on using third party sites do it the safe way

1. Open Web browser
2. Login on Steams Official page
3. Visit Third party site
4. Look for and use the one click login button
5. If 4 doesn't work and you're asked for you username, password and Guard code your on a phishing site. LEAVE and DO NOT use again

Can also use sites like scamadviser.com to check how trustworthy a site is before using it. Works for any site not just Steam related. Use it whenever entering login credentials or banking data

I did that. Also checked out 3rd party sites logins and have no log in info at all. But my Steam on phone acts strange like I have to re-write all my account info to get log back in and used to stay connected the whole time.

Go play cs:go :(

i got hacked in a very very similar way i gave no info about me and i had 2 factor authenticator active and enabled and on. no clue how i got hacked or what should i do, the hacker was talking through my ♥♥♥♥♥♥♥ speakers and i was using headphones he said my account username and the only thing i did was friend him and message him about how i knew he was hacking. when i messaged him i gave ZERO info about my account, information, i quite litteraly gave nothing about me away, its as if he hacked me by using my steam username and nothing more. PLEASE HELP :(

Originally posted by magnusalehult:

i got hacked in a very very similar way i gave no info about me and i had 2 factor authenticator active and enabled and on. no clue how i got hacked or what should i do, the hacker was talking through my ♥♥♥♥♥♥♥ speakers and i was using headphones he said my account username and the only thing i did was friend him and message him about how i knew he was hacking. when i messaged him i gave ZERO info about my account, information, i quite litteraly gave nothing about me away, its as if he hacked me by using my steam username and nothing more. PLEASE HELP :(

If you have someone just randomly talking to you on your pc you have a major security issues on your end.

If you have access to your account:
Steps to take NOW:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

If not
https://steamcommunity.com/sharedfiles/filedetails/?id=1126288560

and you need more then just the account name to login in an account.

Originally posted by magnusalehult:

i got hacked in a very very similar way i gave no info about me and i had 2 factor authenticator active and enabled and on. no clue how i got hacked or what should i do, the hacker was talking through my ♥♥♥♥♥♥♥ speakers and i was using headphones he said my account username and the only thing i did was friend him and message him about how i knew he was hacking. when i messaged him i gave ZERO info about my account, information, i quite litteraly gave nothing about me away, its as if he hacked me by using my steam username and nothing more. PLEASE HELP :(

You got hijacked.

You gave your account's credentials away. The idea is that the hacker is already inside your account LONG BEFORE they friend you.

Stay calm and follow these steps:

1. Scan for malware. https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices. https://store.steampowered.com/twofactor/manage
4. Change passwords from a clean computer.
5. Generate new backup codes for your Mobile App. https://store.steampowered.com/twofactor/manage
6. Revoke the API key (there should be no key). https://steamcommunity.com/dev/apikey

what is an example of an api key? idk what to put in the api key and i do still have access to my account for now